Categories: Kali Linux

Galer : A Fast Tool To Fetch URLs From HTML Attributes By Crawl-In

Galer is a fast tool to fetch URLs from HTML attributes by crawl-in. Inspired by the @omespino Tweet, which is possible to extract src, href, url and action values by evaluating JavaScript through Chrome DevTools Protocol.

Installation

  • From Binary

The installation is easy. You can download a prebuilt binary from releases page, unpack and run! or with

(sudo) curl -sSfL https://git.io/galer | sh -s — -b /usr/local/bin

  • From Source

If you have go1.15+ compiler installed and configured:

GO111MODULE=on go get github.com/dwisiswant0/galer

  • From GitHub

git clone https://github.com/dwisiswant0/galer
cd galer
go build .
(sudo) mv galer /usr/local/bin

Usage

  • Basic Usage
    • Simply, galer can be run with:

galer -u “http://domain.tld”

  • Flags

galer -h

This will display help for the tool. Here are all the switches it supports.

FlagDescription
-u, –urlTarget to fetches (single target URL or list)
-e, –extensionShow only certain extensions (comma-separated, e.g. js,php)
-c, –concurrencyConcurrency level (default: 50)
–in-scopeShow in-scope URLs/same host only
-o, –outputSave fetched URLs output into file
-t, –timeoutMaximum time (seconds) allowed for connection (default: 60)
-s, –silentSilent mode (suppress an errors)
-v, –verboseVerbose mode show error details unless you weren’t use silent
-h, –helpDisplay its helps

Examples

  • Single URL

galer -u “http://domain.tld”

  • URLs from list

galer -u /path/to/urls.txt

  • From Stdin

cat urls.txt | galer

  • In case you want to chained with other tools:

subfinder -d domain.tld -silent | httpx -silent | galer

Library

You can use galer as library.

go get github.com/dwisiswant0/galer/pkg/galer

For example:

package main

import (
 "fmt"

 "github.com/dwisiswant0/galer/pkg/galer"
)

func main() {
 cfg := &galer.Config{
  Timeout: 60,
 }
 cfg = galer.New(cfg)

 run, err := cfg.Crawl("https://twitter.com")
 if err != nil {
  panic(err)
 }

 for _, url := range run {
  fmt.Println(url)
 }
}

TODOs

  • Enable to set extra HTTP headers
  • Provide randomly User-Agent
  • Bypass headless browser
  • Add exception for specific extensions
Download
R K

Share
Published by
R K
3 years ago

Recent Posts

Cybersecurity Toolkit – Essential Python Tools For Penetration Testing

Welcome to the Cybersecurity Toolkit, a collection of essential Python tools designed for penetration testing…

21 hours ago

i-Haklab : Unleashing The Power Of Termux For Enhanced Cybersecurity

The main objective of the creation of this laboratory is to transport the applications, tools…

21 hours ago

Dark FB – A Comprehensive Toolkit For Advanced Facebook Interactions

"Dark FB" is a powerful toolkit designed for those who wish to delve deeper into…

21 hours ago

Wifi-Hacking.py : Your Ultimate Guide To Ethical WiFi Penetration Testing

Unlock the potential of ethical hacking with Wifi-Hacking.py, a powerful cybersecurity tool designed to navigate…

2 days ago

THREAT ACTORS – TTPs : Decoding The Digital Underworld Through Comprehensive Mapping

This repository was created with the aim of assisting companies and independent researchers about Tactics,…

2 days ago

MagicDot : Harnessing DOT-To-NT Path Conversion For Rootkit-Like Capabilities

A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path…

2 days ago